DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 18th April 2012
unixjingleman unixjingleman is offline
Fdisk Soldier
 
Join Date: Jan 2011
Posts: 70
Default OpenBSD keeps locking up/crashing

Hi There
I'm still using 4.8-stable with a GENERIC kernel. I'm gonna do a fresh install of 5.0 soon rather than upgrade twice(I'm using it for such a simple purpose that it will be quicker that way).
Anyway i thought i'd make sure that i didn't have a misconfiguration first, to save time in future.
I'm just using this OpenBSD to separate a few servers from an internal subnet. So OpenBSD just has 2 NICs. One attached to a switch, that the servers and Internet gateway are attached to and one attached to a swith that the internal clients are attached to.
Anyway quite often network connectivity goes down for the internal clients. The only system that is noticably causing this is the afore mentioned OpenBSD firewall/router. By noticable i mean that the console won't accept or echo characters from the keyboard.
This box is the default install of 4.8. The only alterations i've made to it are disabling password authentication on ssh, enabling routing and configuring pf. Oh and i brought it up to the latest stable/patch version a few times, following exactly the method in the FAQ. It does run O.K. It just crashes/locks up about once a day on average.
The output of:
Code:
# df -h
reports that the fullest filesystem is /usr/obj at 48%.
I'm really puzzled. I know it is extremely unlikely to have been hacked, if this is even possible at all. Also the Internet gateway doesn't crash hhmmm.
Also i couldn't find anything in the mail or logs relating to anything like what's been going on. But i didn't untar the old logs. I'll post pf.conf if you realy think that firewall rules can cause an OpenBSD system to crash?. Sorry that's not much data to go on. The main question is can a misconfigured pf cause peroidic system outages?. If so could you advise me on pf if i post my pf.conf?
Thank you very much for your time
regards unixjingleman
Reply With Quote
  #2   (View Single Post)  
Old 18th April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Quote:
Originally Posted by unixjingleman View Post
Hi There
I'm still using 4.8-stable with a GENERIC kernel. I'm gonna do a fresh install of 5.0 soon rather than upgrade twice(I'm using it for such a simple purpose that it will be quicker that way).
4.8 has not been supported since 5.0 was released 1 Nov 2011. At this moment, only 4.9 and 5.0 are supported. In less than two weeks, 5.1 will release, and then the only supported releases will be 5.0 and 5.1.
Quote:
...By noticable i mean that the console won't accept or echo characters from the keyboard.
Is X running on this platform at the time the console stops functioning? I ask because the default behavior during an actual crash or panic of the system is to drop to ddb(4), and if you have X running at that moment, on many architectures you'll be seeing X on the screen and not know you've dropped to ddb. If the video output from ddb remains hidden, but ddb is functional, you can blindly type ddb commands.

If X was not running, and there is no obvious response to console keystrokes (or connection via the network), you can force a drop to ddb via the console if the kernel will a) still respond to keyboard interrupts, and b) if you've enabled the proper sysctl in advance.

If you are running X, you can change the default behavior during a kernel panic, and ensure a crash/reboot without entering ddb at all. Again, via sysctl settings.

See the crash(9) and ddb(4) man pages for more info.
Quote:
I'm really puzzled. I know it is extremely unlikely to have been hacked, if this is even possible at all. Also the Internet gateway doesn't crash hhmmm.

Also i couldn't find anything in the mail or logs relating to anything like what's been going on. But i didn't untar the old logs. I'll post pf.conf if you realy think that firewall rules can cause an OpenBSD system to crash?. Sorry that's not much data to go on. The main question is can a misconfigured pf cause peroidic system outages?. If so could you advise me on pf if i post my pf.conf?
Thank you very much for your time
regards unixjingleman
If your system has become unresponsive from both the console and from the network, then it will either be from a crash or a hang. If the kernel has crashed, and you are running X with default sysctl settings, depending upon the hardware architecture you are using you may never see ddb console output appear on the console. We don't know your architecture, but if it is either amd64 or i386, "hidden" ddb output is the norm when a panic occurs while X is in use. On hangs, where the OS stops running and responding to normal events, it may be possible to force ddb as I mentioned previously.

You can be assured that we all would be much more interested in your dmesg(4) than any other configuration information you could gather for us at this time. That will answer my question regarding architecture, for example.

Last edited by jggimi; 18th April 2012 at 10:26 AM. Reason: clarity
Reply With Quote
  #3   (View Single Post)  
Old 18th April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Correction: crash(8), not crash(9).

Additional info: crash dumps will be saved to disk for post mortem analysis, if:
  1. The kernel is able to function sufficiently to dump RAM to swap space on command from ddb or automatically, depending on sysctl settings.
  2. There is sufficient swap space available
  3. There is sufficient disk space available for the dump to be saved from swap upon reboot -- rc(8) calls savecore(8) and the default directory used is /var/crash.
Reply With Quote
  #4   (View Single Post)  
Old 18th April 2012
unixjingleman unixjingleman is offline
Fdisk Soldier
 
Join Date: Jan 2011
Posts: 70
Default

X was not chosen at install as this is a dedicated firewall.
Maybe it's best that i install 5.0 and then get back to you guys if the problem reproduces intself. This isn't because i don't want to post dmesg output or anything daft like that i've just realized that i don't want to take up any more of your time when a simple "wipe-and-reload" might solve all and you could be spending the time doing what you want/need to do.
You seem like you know what you're on about so i'll definately post back if the same happens again.
Thank you very much for the replies they weren't wasted as i've learnt more about OpenBSD and am very greatfull to have access to this information for the future, not just for the afore mentioned scenario.
cheers
Reply With Quote
  #5   (View Single Post)  
Old 18th April 2012
shep shep is offline
Real Name: Scott
Arp Constable
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,503
Default

5.1 is due to be released in less than 2 weeks. Depending on the urgency/tolerability of your situation 5.1 would be supported for one year rather than the 6 months+ 12 days that remain for 5.0.
Reply With Quote
  #6   (View Single Post)  
Old 18th April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

As X is not a factor, then this appears to be a "hang". That's narrowed it down considerably.

You could re-install, or upgrade, whichever you find convenient. However, you may still be able to obtain possibly useful information from the 4.8 system if you can force the kernel to enter ddb or to execute a crash dump. (This might be via the sysctl ddb.console or via the machdep.kbdreset sysctl, as applicable.)

Just finding out where the kernel may be looping might help isolate a root cause -- for example, if the kernel is looping in a hardware driver, that might be indicative of a problem with that hardware component.

Last edited by jggimi; 18th April 2012 at 01:04 PM. Reason: clarity
Reply With Quote
  #7   (View Single Post)  
Old 18th April 2012
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by jggimi View Post
You can be assured that we all would be much more interested in your dmesg(4) ...
Eh, that's dmesg(8)...

Reply With Quote
  #8   (View Single Post)  
Old 18th April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

I type too fast on keyboards; usually faster than I think. I also am afflicted with Swype on my phone. Between these two causes, I make many, many typos.

Thanks for catching that.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
System crashing constantly on P4/xeon Mr-Biscuit OpenBSD General 6 5th April 2010 03:33 AM
BBC activates iPlayer Flash verification - Locking out open source J65nko News 0 25th February 2010 08:51 PM
Error in locking Authority jerryw OpenBSD Installation and Upgrading 4 14th November 2009 06:25 PM
Locking a Computer JMJ_coder General software and network 8 21st September 2008 03:33 AM
FAM keeps crashing with courier-imap krreagan FreeBSD General 0 14th May 2008 11:15 PM


All times are GMT. The time now is 06:38 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick